You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by gerd trautner <gt...@yuri.at> on 2001/02/05 09:05:10 UTC
tomcat.policy, SSL and SQL -> AccessControlException
hi all,
i have troubles configuring the tomcat.policy file.
my application reads some data from a mysql database running on port 3306, localhost.
i use the org.gjt.mm.mysql classes to connect to it and everything run fine.
i also use basic authentification with tomcat, the user data are also in the mysql database.
now i want make everything secure. i tried a lot and i got nearly everything working fine.
but i am not able to set the tomcat.policy, that the org.gjt.mm.mysql classes within my servlets are allowed to connect to the mysql database.
tomcat.policy:
//java. the org.gjt.mm.mysql jars are in jdk1.2.2/jre/lib/ext.
grant codeBase "file:d:/jdk1.2.2/lib/-" {permission java.security.AllPermission;};
grant codeBase "file:d:/jdk1.2.2/jre/lib/-" {permission java.security.AllPermission;};
grant codeBase "file:d:/jdk1.2.2/jre/lib/ext/-" {permission java.security.AllPermission;};
// Tomcat gets all permissions.
grant codeBase "file:d:/tomcat/lib/-" {permission java.security.AllPermission;};
grant codeBase "file:d:/tomcat/classes/-" {permission java.security.AllPermission;};
//my application directory
grant codeBase "file:d:/tomcat/webapps/shv_wb/WEB-INF/classes/-" {permission java.security.AllPermission;};
grant codeBase "file:d:/tomcat/webapps/shv_wb/WEB-INF/lib/-" {permission java.security.AllPermission;};
it is realy confusing, because tomcat is able to read the authority-data for the basic authentification out of the database, but my servlets are not allowed to do this.
i get this message from tomcat:
java.security.AccessControlException: access denied (java.net.SocketPermission localhost resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:195)
at java.security.AccessController.checkPermission(AccessController.java:403)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1019)
at java.net.InetAddress.getAllByName0(InetAddress.java:565)
at java.net.InetAddress.getAllByName0(InetAddress.java:546)
at java.net.InetAddress.getByName(InetAddress.java:455)
at java.net.Socket.<init>(Socket.java:98)
at org.gjt.mm.mysql.MysqlIO.<init>(MysqlIO.java:114)
at org.gjt.mm.mysql.Connection.<init>(Connection.java:229)
at org.gjt.mm.mysql.Driver.connect(Driver.java:126)
at java.sql.DriverManager.getConnection(DriverManager.java:457)
at java.sql.DriverManager.getConnection(DriverManager.java:137)
at KMAnmeldungen.doGet(KMAnmeldungen.java:65)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:404)
at org.apache.tomcat.core.Handler.service(Handler.java:286)
at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:797)
at org.apache.tomcat.core.ContextManager.service(ContextManager.java:743)
at org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpConnectionHandler.java:210)
at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
at java.lang.Thread.run(Thread.java:479)
can anyone help?
tanks a lot,
gerd